diff --git a/src/ks_ssl.c b/src/ks_ssl.c index 4885c29..d2e3f81 100644 --- a/src/ks_ssl.c +++ b/src/ks_ssl.c @@ -180,56 +180,64 @@ KS_DECLARE(int) ks_gen_cert(const char *dir, const char *file) return(0); } -static int mkcert(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days) +static EVP_PKEY *generate_rsa_key(int bits) { - X509 *x; +#if OPENSSL_VERSION_NUMBER >= 0x30000000 + return EVP_RSA_gen(bits); +#else EVP_PKEY *pk; RSA *rsa; - X509_NAME *name = NULL; - - ks_assert(pkeyp); - ks_assert(x509p); - if (*pkeyp == NULL) { - if ((pk = EVP_PKEY_new()) == NULL) { - abort(); - } - } else { - pk = *pkeyp; + pk = EVP_PKEY_new(); + if (pk == NULL) { + return NULL; } - if (*x509p == NULL) { - if ((x = X509_new()) == NULL) { - goto err; +# if OPENSSL_VERSION_NUMBER >= 0x10100000 + rsa = RSA_new(); + { + static const BN_ULONG ULONG_RSA_F4 = RSA_F4; + BIGNUM* BN_value_RSA_F4 = BN_new(); + if (!BN_value_RSA_F4) { + RSA_free(rsa); + EVP_PKEY_free(pk); + return NULL; } - } else { - x = *x509p; + BN_set_word(BN_value_RSA_F4,ULONG_RSA_F4); + RSA_generate_key_ex(rsa, bits, BN_value_RSA_F4, NULL); + BN_free(BN_value_RSA_F4); } +# else + rsa = RSA_generate_key(bits, RSA_F4, NULL, NULL); +# endif + if (!EVP_PKEY_assign_RSA(pk, rsa)) { + RSA_free(rsa); + EVP_PKEY_free(pk); + return NULL; + } -#if OPENSSL_VERSION_NUMBER >= 0x10100000 - rsa = RSA_new(); - { - static const BN_ULONG ULONG_RSA_F4 = RSA_F4; - BIGNUM* BN_value_RSA_F4 = BN_new(); - if (!BN_value_RSA_F4) { - abort(); - goto err; - } - BN_set_word(BN_value_RSA_F4,ULONG_RSA_F4); - RSA_generate_key_ex(rsa, bits, BN_value_RSA_F4, NULL); - BN_free(BN_value_RSA_F4); - } -#else - rsa = RSA_generate_key(bits, RSA_F4, NULL, NULL); + return pk; #endif +} - if (!EVP_PKEY_assign_RSA(pk, rsa)) { +static int mkcert(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days) +{ + X509 *x; + EVP_PKEY *pk; + X509_NAME *name = NULL; + + ks_assert(pkeyp); + ks_assert(x509p); + + if ((pk = generate_rsa_key(bits)) == NULL) { abort(); goto err; } - rsa = NULL; + if ((x = X509_new()) == NULL) { + goto err; + } X509_set_version(x, 0); ASN1_INTEGER_set(X509_get_serialNumber(x), serial); diff --git a/src/kws.c b/src/kws.c index f1180c2..497e7ac 100644 --- a/src/kws.c +++ b/src/kws.c @@ -176,12 +176,16 @@ static int b64encode(unsigned char *in, ks_size_t ilen, unsigned char *out, ks_s static void sha1_digest(unsigned char *digest, char *in) { +#if OPENSSL_VERSION_NUMBER >= 0x30000000 + SHA1(in, strlen(in), digest); +#else SHA_CTX sha; SHA1_Init(&sha); SHA1_Update(&sha, in, strlen(in)); SHA1_Final(digest, &sha); +#endif } /* fix me when we get real rand funcs in ks */ diff --git a/src/simclist.c b/src/simclist.c index 8428ca3..b30dc54 100755 --- a/src/simclist.c +++ b/src/simclist.c @@ -1354,7 +1354,7 @@ int ks_list_dump_filedescriptor(const ks_list_t *restrict l, int fd, ks_size_t * WRITE_ERRCHECK(fd, ser_buf, bufsize); } else { /* speculation found broken */ - WRITE_ERRCHECK(fd, &bufsize, sizeof(ks_size_t)); + WRITE_ERRCHECK(fd, &bufsize, sizeof(uint32_t)); WRITE_ERRCHECK(fd, ser_buf, bufsize); } ks_pool_free(&ser_buf); @@ -1379,7 +1379,7 @@ int ks_list_dump_filedescriptor(const ks_list_t *restrict l, int fd, ks_size_t * WRITE_ERRCHECK(fd, x->data, bufsize); } else { - WRITE_ERRCHECK(fd, &bufsize, sizeof(ks_size_t)); + WRITE_ERRCHECK(fd, &bufsize, sizeof(uint32_t)); WRITE_ERRCHECK(fd, x->data, bufsize); } } diff --git a/tests/testwebsock2.c b/tests/testwebsock2.c index 872df22..5020d4e 100644 --- a/tests/testwebsock2.c +++ b/tests/testwebsock2.c @@ -97,11 +97,15 @@ static void sha1_digest(char *digest, unsigned char *in) static void sha1_digest(unsigned char *digest, char *in) { +#if OPENSSL_VERSION_NUMBER >= 0x30000000 + SHA1(in, strlen(in), digest); +#else SHA_CTX sha; SHA1_Init(&sha); SHA1_Update(&sha, in, strlen(in)); SHA1_Final(digest, &sha); +#endif } #endif